Every file is encrypted on your device with XChaCha20-Poly1305 before it touches the network. The upload is ciphertext from byte one.
“The cloud should never have access to your files. With DRIVUNO, it doesn't.”
For professionals, studios, families and individuals who refuse to send plaintext to a server.
Per-file keys are generated locally. The file is encrypted in chunks before any byte leaves your machine.
Your master key is derived from your password with Argon2id, on your device. The server never sees it.
We store opaque encrypted blobs, wrapped keys and minimal metadata. There is nothing readable to scan.
No previews, no OCR, no AI features running on your plaintext. Encryption before upload makes them impossible.
XChaCha20-Poly1305, Argon2id, X25519, Ed25519 — via libsodium, widely reviewed and modern.
Chunked authenticated encryption means large files stream and resume cleanly without weakening the model.
Encryption at rest protects against stolen hardware. TLS protects against network eavesdroppers. Neither prevents the provider from reading your file once it lands on their servers. Only encryption before upload removes the provider from the trust chain — and that is the model DRIVUNO is built on.
When you upload a file to DRIVUNO, the server receives an opaque ciphertext blob, a wrapped per-file key it cannot open, and minimal operational metadata. No filenames in clear inside the envelope, no thumbnails generated server-side, no content indexing. The cloud sees a blob — and that is the design.
Confidentiality built on policy depends on the provider behaving well over time. Confidentiality built on encryption before upload depends only on the cryptography. The first model is breakable. The second is architectural.
No. Files are encrypted on your device before upload using XChaCha20-Poly1305. DRIVUNO servers only ever store ciphertext. The keys required to decrypt your files are derived from your password on your device and never leave it unencrypted.
Zero-knowledge is an architecture in which the service provider has no technical ability to access user data. With DRIVUNO, your master key is derived locally from your password using Argon2id. The server never sees that key, so it cannot decrypt your files even if compelled to.
DRIVUNO uses a different architecture. Google Drive, Dropbox and similar consumer clouds hold the encryption keys to your files, which means their staff, automated systems, and any party with legal access can in principle read your content. DRIVUNO is designed so that this is technically not possible on our side.
Because we cannot read your data, we also cannot reset it for you. You can configure a recovery key when creating your account. We strongly recommend storing it offline. Without your password or recovery key, encrypted data cannot be recovered — by design.
Start free with 2 GB. Zero-knowledge encryption from the first upload — no admin override, no AI scanning, no plaintext on the server.
